This phishing scam lures you in by pretending you’ve got a bonus

Campaign infects victims with the Bazar trojan which creates a backdoor on their systems

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Security researchers atFortinethave discovered a newphishingcampaign which tries to lure enterprise users with fake customer complaint reports, fake billing statements and even the offer of a phony bonus.

The campaign also uses a new variant of the Bazar trojan, which has been linked to the developers ofTrickbot, that comes equipped with anti-analysis techniques to make it more difficult forantivirus softwareto detect.

These anti-analysis techniques include hiding malicious APIs in the code, extra code obfuscation and encrypting some strings of the code to make the trojan more difficult to analyze.

Bazar is a relatively new trojan which first appeared last year. If successfully deployed, it can provide cybercriminals with a backdoor into a compromised Windows system to allow them to control a user’s device, gain additional access to a corporate network to steal sensitive data and deploymalware.

Bazar trojan

Regardless of the theme used, this new phishing campaign tries to encourage a potential victim to click on a link that redirects them to a malicious website with a downloadablePDF.

However, while the page prominently features the PDF logo, it doesn’t actually contain a document. Instead there are three links that all point to the same executable which when downloaded, installs the Bazar trojan on a user’s system. Once installation is complete, a backdoor is present on a victim’s system that an attacker can exploit on their own or sell to other cybercriminals ondark web marketplaces.

According to Fortinet, this phishing campaign remains active and attempted attacks are still being observed in the wild.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

To prevent falling victim to this or other similar attacks, the firm’s researchers recommend that organizations provide training for their employees on how to identify and recognize online scams and attacks. At the same time though, organizations should also implement apatch managementstrategy to prevent cybercriminals from exploiting known vulnerabilities.

ViaZDNet

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics

This new phishing strategy utilizes GitHub comments to distribute malware

Professionals are facing “tech overload” as they try to juggle multiple devices in the workplace